samba.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix blocker bug 5745 kerberos authentication with (lib)smbclient is broken.	Jeremy Allison	2008-09-10	1	-2/+14
\| \| \| \|	Jeremy.
*	Remove a duplicate retval check	Volker Lendecke	2008-08-31	1	-8/+2
\| \| \| \|	Jeremy, please check!
*	kerberos: use KRB5_KT_KEY macro where appropriate.	Günther Deschner	2008-08-29	1	-15/+5
\| \| \| \|	Guenther
*	kerberos: move the KRB5_KEY* macros to header file.	Günther Deschner	2008-08-29	1	-12/+0
\| \| \| \|	Guenther
*	Fix length error in wrapping spnego blob	Igor Mammedov	2008-08-18	1	-1/+1
\|
*	fix build warning.	Günther Deschner	2008-08-11	1	-1/+1
\| \| \| \|	Guenther
*	One more build fix. Ensure we have KRB5_AUTH_CONTEXT_USE_SUBKEY defined ↵	Jeremy Allison	2008-08-08	1	-3/+3
\| \| \| \| \| \|	before we compile the new code. Jeremy.
*	Try and fix the build for systems that don't have ↵	Jeremy Allison	2008-08-08	1	-3/+3
\| \| \| \| \| \|	krb5_auth_con_set_req_cksumtype(). Jeremy.
*	Add Derrick Schommer's <dschommer@F5.com> kerberos delegation patch. Some	Jeremy Allison	2008-08-08	1	-2/+184
\| \| \| \| \|	work by me and advice by Love. Jeremy.
*	clikrb5: don't use krb5_keyblock_init() when no salt is specified	Stefan Metzmacher	2008-08-04	1	-35/+30
\| \| \| \| \| \| \| \|	If the caller wants to create a key with no salt we should not use krb5_keyblock_init() (only used when using heimdal) because it does sanity checks on the key length. metze
*	Fix return of uninitialized variable.	Jeremy Allison	2008-06-26	1	-1/+1
\| \| \| \|	Jeremy.
*	kerberos: add smb_krb5_keytab_name().	Günther Deschner	2008-06-24	1	-0/+22
\| \| \| \|	Guenther
*	kerberos: make smb_krb5_kt_add_entry public, allow to pass keys without ↵	Günther Deschner	2008-06-24	1	-18/+38
\| \| \| \| \| \|	salting them. Guenther
*	clikrb5: remove unrequired create_kerberos_key_from_string_direct() prototype.	Günther Deschner	2008-06-17	1	-10/+10
\| \| \| \|	Guenther
*	Cleanup size_t return values in callers of convert_string_allocate	Tim Prouty	2008-05-20	1	-3/+6
\| \| \| \| \|	This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure.
*	Use new IDL based PAC structures in clikrb5.c	Günther Deschner	2008-02-17	1	-7/+7
\| \| \| \|	Guenther
*	Make heimdal and MIT happy when iterating through auth data.	Günther Deschner	2007-12-12	1	-3/+3
\| \| \| \|	Guenther
*	Vista SP1-rc1 appears to break against Samba-3.0.27a	Guenther Deschner	2007-12-12	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Jason, Jason Haar wrote: > Patched 3.0.28, compiled, installed and here's the log file. > > Hope it helps. BTW I don't think it matters, but this is on 32bit > CentOS4.5 systems. yes, it helps. Thanks for that. Very interesting, there are two auth data structures where the first one is a PAC and the second something unknown (yet). Can you please try the attached fix ? It should make it work again. Guenther - -- Günther Deschner GPG-ID: 8EE11688 Red Hat gdeschner@redhat.com Samba Team gd@samba.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHX9ZESOk3aI7hFogRAivSAJ9bMcD+PcsIzjYYLtAUoLNfVVEl1QCfV/Qd MPsZW4G31VOVu64SPjgnJiI= =Co+H -----END PGP SIGNATURE-----
*	Remove next_token - all uses must now be next_token_talloc.	Jeremy Allison	2007-12-07	1	-9/+8
\| \| \| \| \|	No more temptations to use static length strings. Jeremy.
*	Fix the setup_kaddr() call to cope with IPv6.	Jeremy Allison	2007-10-29	1	-8/+34
\| \| \| \| \| \| \|	This is the last obvious change I can see. At this point we can start claiming IPv6 support (Hurrah !:-). Jeremy.
*	This is a large patch (sorry). Migrate from struct in_addr	Jeremy Allison	2007-10-24	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \|	to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy.
*	RIP BOOL. Convert BOOL -> bool. I found a few interesting	Jeremy Allison	2007-10-18	1	-14/+14
\| \| \| \| \| \| \|	bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy.
*	r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text	Andrew Tridgell	2007-10-10	1	-2/+1
\|
*	r23779: Change from v2 or later to v3 or later.	Jeremy Allison	2007-10-10	1	-1/+1
\| \| \| \|	Jeremy.
*	r23651: Always, always, always compile before commit...	Günther Deschner	2007-10-10	1	-1/+1
\| \| \| \|	Guenther
*	r23650: Fix remaining callers of krb5_kt_default().	Günther Deschner	2007-10-10	1	-3/+3
\| \| \| \|	Guenther
*	r23649: Fix the build (by moving smb_krb5_open_keytab() to clikrb5.c).	Günther Deschner	2007-10-10	1	-1/+137
\| \| \| \|	Guenther
*	r23609: Removing more redundant codepaths out of smb_krb5_renew_ticket().	Günther Deschner	2007-10-10	1	-38/+26
\| \| \| \| \| \|	Thanks Volker for the pointer hint :) Guenther
*	r23588: Some more cleanups and error checks in the krb5 renew function.	Günther Deschner	2007-10-10	1	-6/+12
\| \| \| \|	Guenther
*	r23587: Cleanup redundant code in the krb5 renew function.	Günther Deschner	2007-10-10	1	-23/+16
\| \| \| \|	Guenther
*	r23586: Fix heimdal path in the krb5 renew routine when we need to compose ↵	Günther Deschner	2007-10-10	1	-1/+5
\| \| \| \| \| \| \| \|	the tgt string ourselves. Guenther
*	r23582: Fix event based krb5 ticket refreshing in winbindd.	Günther Deschner	2007-10-10	1	-5/+5
\| \| \| \| \| \| \|	We were incorrectly using the renew_till timestamp instead of the renewed ticket's endtime to calculate the next refreshing date. Guenther
*	r22747: Fix some C++ warnings	Volker Lendecke	2007-10-10	1	-1/+1
\|
*	r22664: When we have krb5_get_init_creds_opt_get_error() then try to get the ↵	Günther Deschner	2007-10-10	1	-0/+39
\| \| \| \| \| \| \| \|	NTSTATUS codes directly out of the krb5_error edata. Guenther
*	r22479: Add "net ads keytab list".	Günther Deschner	2007-10-10	1	-6/+41
\| \| \| \|	Guenther
*	r22003: Fix from Jiri.Sasek@Sun.COM to wrap our krb5_locate_kdc	Jeremy Allison	2007-10-10	1	-5/+13
\| \| \| \| \| \|	call as smb_krb5_locate_kdc to prevent incorrect linking and crashes on Solaris. Jeremy.
*	r21846: Try and fix the Darwin build which seems to have a strange krb5.	Jeremy Allison	2007-10-10	1	-0/+6
\| \| \| \|	Jeremy.
*	r21845: Refactor the sessionsetupX code a little to allow us	Jeremy Allison	2007-10-10	1	-0/+33
\| \| \| \| \| \| \| \| \| \| \|	to return a NT_STATUS_TIME_DIFFERENCE_AT_DC error to a client when there's clock skew. Will help people debug this. Prepare us for being able to return the correct sessionsetupX "NT_STATUS_MORE_PROCESSING_REQUIRED" error with associated krb5 clock skew error to allow clients to re-sync time with us when we're eventually able to be a KDC. Jeremy.
*	r21778: Wrap calls to krb5_get_init_creds_opt_free to handle the different	James Peach	2007-10-10	1	-6/+23
\| \| \| \| \|	calling convention in the latest MIT changes. Apparantly Heimdal is also changing to this calling convention.
*	r21240: Fix longstanding Bug #4009.	Günther Deschner	2007-10-10	1	-5/+15
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	For the winbind cached ADS LDAP connection handling (ads_cached_connection()) we were (incorrectly) assuming that the service ticket lifetime equaled the tgt lifetime. For setups where the service ticket just lives 10 minutes, we were leaving hundreds of LDAP connections in CLOSE_WAIT state, until we fail to service entirely with "Too many open files". Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP connection after the ads_do_search_retry() has failed to submit the search request (although the bind succeeded (returning an expired service ticket that we cannot delete from the memory cred cache - this will get fixed later)). Guenther
*	r21110: Fix kinit with Heimdal (Bug #4226).	Günther Deschner	2007-10-10	1	-0/+26
\| \| \| \|	Guenther
*	r21046: Backing out svn r20403 (Andrew's krb5 ticket cleanup	Gerald Carter	2007-10-10	1	-0/+42
\| \| \| \| \| \| \| \|	as this is causing the WRONG_PASSWORD error in the SetUserInfo() call during net ads join). We are now back to always list RC4-HMAC first if supported by the krb5 libraries.
*	r20403: Cleaning out my Samba 3.0 tree:	Andrew Bartlett	2007-10-10	1	-42/+0
\| \| \| \| \| \| \| \| \|	As discussed with jerry at the CIFS conf: overriding the administrator's wishes from the krb5.conf has only every given me segfaults. We suggest leaving this up to the defaults from the libraries anyway. Andrew Bartlett
*	r19939: ,fix compile warning about unused functions when not using heimdal	Gerald Carter	2007-10-10	1	-0/+2
\|
*	r19416: Fix some c++ warnings.	Günther Deschner	2007-10-10	1	-2/+2
\| \| \| \|	Guenther
*	r19374: fix the build with heimdal	Stefan Metzmacher	2007-10-10	1	-1/+1
\| \| \| \|	metze
*	r19291: this should fix the build on heimdal systems	Stefan Metzmacher	2007-10-10	1	-1/+0
\| \| \| \|	metze
*	r19270: Stop depending on internal MIT symbols. These are private on MacOS	James Peach	2007-10-10	1	-47/+56
\| \| \| \| \| \| \|	x, so we can't get at them even if we wanted to. Kerberos experts, please take a look to make sure I've done the right thing!
*	r19237: fix typo	Stefan Metzmacher	2007-10-10	1	-1/+1
\| \| \| \|	metze
*	r17162: Fix typo small typos noticed by Paul Green.	Gerald Carter	2007-10-10	1	-1/+1
\|